Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Cybersecurity-Insiders

400

Image Credit: Cybersecurity-Insiders

How Do US Privacy Laws Affect You and Your Digital Footprint?

US privacy laws are a patchwork of state-level rules and industry-specific federal laws without an all-encompassing federal privacy law.
As of February 2025, 20 states have passed comprehensive privacy laws, leading to varying regulations for businesses.
California's CCPA sets thresholds for companies to comply with privacy regulations, with 20 other states having their own privacy laws.
Exemptions in privacy laws exist for industries regulated by federal laws like GLBA and HIPAA, but exemptions can vary by state.
States like Texas and New York are actively enforcing consumer protection laws related to data handling, increasing compliance risks for companies.
AI is being regulated by states like California and Colorado to prevent discrimination and ensure fair data processing practices.
The FTC monitors AI use to prevent deceptive data practices, emphasizing the responsibility of companies using AI in data processing.
Despite sector-specific laws like GLBA and HIPAA, attempts for a universal federal privacy law have not succeeded in the U.S.
The FTC enforces privacy policies and can take actions against companies for deceptive acts related to data handling.
To navigate U.S. privacy laws, it is advised to understand legal standings, manage data effectively, and create a tailored privacy plan.

Read Full Article

24 Likes

Shinyshiny

337

Image Credit: Shinyshiny

4 Public Wi-Fi Hotspots Remote Workers Should Avoid

Remote workers should avoid connecting to public Wi-Fi hotspots due to security risks such as "Evil Twin" attacks.
Restaurants and coffee shops with unsecured Wi-Fi are vulnerable to "Man-in-the-Middle" attacks, allowing hackers to steal sensitive information.
Hotel Wi-Fi can be hacked, giving cybercriminals access to personal and sensitive data on connected devices.
Public transport Wi-Fi and airports are also high-risk environments, where malware attacks, identity theft, and data breaches are common.

Read Full Article

20 Likes

Medium

175

Image Credit: Medium

AI: The New Weapon of Cybercrime — Are We Ready?

AI has transformed cybercrime into a growing and deadlier monster.
In India alone, over 5,000 cases of cybercrime are reported daily, a significant increase from 2015.
Global cybercrime has increased by 50-100% in the last 4 years.
AI-powered security can stop 15-30% of attacks, but a significant portion remains out of control.

Read Full Article

10 Likes

Securityaffairs

440

Image Credit: Securityaffairs

Meta warns of actively exploited flaw in FreeType library

Meta warns of actively exploited flaw in FreeType library
A vulnerability in the FreeType library (CVE-2025-27363) may have been actively exploited in the wild.
The out-of-bounds write flaw in FreeType versions 2.13.0 and below can lead to arbitrary code execution.
Multiple Linux distributions are affected by the vulnerability and users are urged to update to FreeType 2.13.3.

Read Full Article

26 Likes

Discover more

Tech Radar

391

Image Credit: Tech Radar

Hacked Tata Technologies data leaked by ransomware gang

Hunters International, the ransomware operator, has leaked 1.4TB of Tata Technologies data on its dark web data leak site.
The leaked data includes personal details of employees, purchase orders, Excel sheets, presentations, and more.
Tata Technologies suffered a ransomware attack in February, affecting its IT services, and this is not the first incident the company has faced.
A few weeks ago, the ransomware group attempted to sell the dataset on the dark web.

Read Full Article

23 Likes

Silicon

233

Image Credit: Silicon

Apple To Appeal UK Government Backdoor Order On Friday

An appeal hearing against the UK government's 'backdoor' order to Apple is to be held behind closed doors on Friday.
Last month, UK security officials issued a Technical Capability Notice (TCN) to Apple, demanding a backdoor to retrieve encrypted content from Apple users worldwide.
Apple withdrew its Advanced Data Protection iCloud feature from the United Kingdom after the UK demand, and the hearing for the appeal will also take place behind closed doors.
Several UK MPs have demanded the secret hearing to be held in public, saying that the move endangers people's privacy and sets a dangerous precedent.

Read Full Article

14 Likes

Digitaltrends

Image Credit: Digitaltrends

Watch out for North Korean spyware apps on the Google Play store

Security researchers have discovered North Korean spyware apps on the Google Play store.
The affected apps appeared to be benign system utilities but were found to collect personal information once installed.
The spyware apps have been removed from the Play Store by Google.
Users are advised to check the sources and reputation of apps before downloading to ensure security.

Read Full Article

4 Likes

Medium

269

Image Credit: Medium

Adapting to Evolving Cyber Threats: Best Practices for Organizations

Cyber threats have evolved significantly, including APTs, ransomware, phishing, and zero-day exploits.
Implementing Data Lineage Solutions helps understand and mitigate cybersecurity risks in data handling.
Adhering to data privacy compliance builds trust and reputation, and integrating Privacy Management Tools streamlines the process.
Effective threat mitigation strategies involve regular security assessments, proactive measures, and comprehensive cybersecurity frameworks.

Read Full Article

16 Likes

Neuways

116

Image Credit: Neuways

Staying secure while traveling: Neuways’ top tips

When traveling overseas, it is crucial to stay connected and keep your data secure.
Ensure all devices have the latest security patches and consider encrypting sensitive data.
Using free Wi-Fi can pose security risks, so connect through a VPN for encryption.
Maintain access to IT support and communicate securely while abroad.
Regularly update antivirus software and be cautious of downloading unknown files.
Prepare for device loss by enabling remote tracking, wiping features, and strong passwords.
Neuways offers cyber security solutions for remote work and traveling professionals.
They provide services like penetration testing and advanced threat protection.
Neuways ensures data, devices, and communications are safe for global travelers.
24/7 support is available for IT security inquiries and support for businesses.

Read Full Article

7 Likes

Blockonomi

112

Image Credit: Blockonomi

North Korean Hackers Transfer $750,000 in ETH to Tornado Cash, Deploy New Malware

Lazarus Group, a North Korean hacking group, deposited 400 ETH (approximately $750,000) to Tornado Cash mixing service on March 13, 2025.
The group has been linked to previous cryptocurrency hacks, including the $1.4 billion Bybit exchange hack in February 2025 and the $29 million Phemex exchange hack in January.
Lazarus Group deployed six new malicious packages, including a package called 'BeaverTail,' on the Node Package Manager (NPM) platform to steal credentials and crypto wallet data.
The group's malware targets Chrome, Brave, and Firefox browsers, as well as Solana and Exodus cryptocurrency wallets.

Read Full Article

6 Likes

Neuways

319

Image Credit: Neuways

Why you should be using a password manager

Using a password manager is essential for personal security.
A password manager securely stores passwords and provides easy access across devices.
Benefits of using a password manager include generating unique passwords, encrypted storage, automated sync, and secure password sharing.
Not using a password manager can lead to security risks such as weak passwords, data breaches, and difficulty managing multiple accounts.

Read Full Article

19 Likes

Wired

220

Image Credit: Wired

‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge

Mass layoffs and weak leadership are impacting the US government's cyber defense agency, CISA, hindering its ability to protect against cyber threats.
Restrictions from the Trump administration have led to strained international partnerships and fear among employees to discuss threats and countermeasures.
CISA has faced significant talent exodus, losing key employees and impacting crucial programs aimed at defending against cyber threats.
Partnerships with international cyber agencies and communication with other federal entities have been hampered, affecting information sharing and collaboration.
Operational changes and layoffs have strained CISA's workforce, leading to overworked employees and decreased effectiveness in managing cyber threats.
Disruptions in CISA's mission to support private companies, state governments, and advance cybersecurity efforts have raised concerns about national security and economic impacts.
CISA's external partnerships, including with private companies, are suffering due to reduced staff and restricted communications, weakening the agency's threat response capabilities.
CISA's mission expansion into areas like open-source security and artificial intelligence has been hampered by staff reductions and frozen initiatives, affecting cybersecurity efforts.
Layoffs, office return mandates, and leadership issues have further demoralized CISA employees, impacting morale and operational efficiency.
Concerns loom over the future capabilities of CISA as potential further cuts and destabilization under the Trump administration could endanger national cyber defense efforts.

Read Full Article

13 Likes

Dev

359

Image Credit: Dev

Prevent Session Replay Attacks in Laravel: A Complete Guide

Session Replay Attacks are a significant security threat where attackers can hijack and replay user sessions to gain unauthorized access to sensitive data.
A Session Replay Attack occurs when an attacker captures the session token of a legitimate user and reuses it to impersonate that user.
Laravel provides built-in features that can help protect your application from Session Replay Attacks.
By enforcing HTTPS, setting cookie attributes, regenerating session IDs, and implementing 2FA, you can significantly reduce the risk of such attacks.

Read Full Article

21 Likes

Dev

247

Image Credit: Dev

BlackClown : AI-Assisted Tools for RCE Vulnerability Test, Discovery & Exploitation

This security assessment utilized AI-driven vulnerability detection and automated exploit execution with a focus on identifying Remote Code Execution (RCE) vulnerabilities.
The testing methodology involved AI-based vulnerability detection using a custom AI model and automated exploit generation for high-probability vulnerabilities.
To validate the findings, post-exploitation scripts were used to analyze system configurations and assess the depth of compromise for RCE vulnerabilities.
The notebook utilizes AI models like CodeBERT and BART to analyze source code and identify potential security vulnerabilities.

Read Full Article

14 Likes

Securityaffairs

Image Credit: Securityaffairs

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025.
The FBI, CISA, and MS-ISAC have issued a joint advisory on Medusa ransomware.
Medusa is a ransomware-as-a-service (RaaS) variant that has impacted various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing.
Medusa operators employ various techniques and tools to gain unauthorized access, move laterally, perform reconnaissance, encrypt files, and conduct double extortion schemes.

Read Full Article

1 Like

For uninterrupted reading, download the app